all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

Add to bookmarks
Aug. 24, 2022, 5 p.m. | Paul Oliveria

Microsoft Security Blog www.microsoft.com

Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments.


The post MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone appeared first on Microsoft Security Blog.

compromise cybersecurity magicweb microsoft security intelligence nobelium

Visit resource

More from www.microsoft.com / Microsoft Security Blog

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 4 days, 10 hours ago | www.microsoft.com
blizzard compromise credentials cve +20
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 1 week, 2 days ago | www.microsoft.com
access attack attackers blog +17
How Microsoft discovers and mitigates evolving attacks against AI guardrails 2 weeks, 1 day ago | www.microsoft.com
address attacks blog guardrails +8
Explore Microsoft’s AI innovations at RSA Conference 2024 3 weeks, 1 day ago | www.microsoft.com
ai innovations blog conference event +12
Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview 3 weeks, 2 days ago | www.microsoft.com
can center comprehensive approach cybersecurity +14
​​Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, … 1 month ago | www.microsoft.com
amp and response center defender +25
Microsoft Copilot for Security: General Availability details 1 month, 1 week ago | www.microsoft.com
amplify april availability copilot +13
Microsoft Copilot for Security is generally available on April 1, 2024, with new capabilities 1 month, 1 week ago | www.microsoft.com
april capabilities copilot govern +6
Enhancing protection: Updates on Microsoft’s Secure Future Initiative 1 month, 2 weeks ago | www.microsoft.com
blog customers engineering future +9

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer 2

@ Oracle | BENGALURU, KARNATAKA, India
View on infosec-jobs.com

Oracle EBS DevSecOps Developer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com

Information Security GRC Specialist - Risk Program Lead

@ Western Digital | Irvine, CA, United States
View on infosec-jobs.com

Senior Cyber Operations Planner (15.09)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

AI Cybersecurity Architect

@ FactSet | India, Hyderabad, DVS, SEZ-1 – Orion B4; FL 7,8,9,11 (Hyderabad - Divyasree 3)
View on infosec-jobs.com
View more jobs